The Joker malware was found in another popular Android app last week by security research firm Pradeo. Called “Color Message,” the app was removed by Google from the Play Store, but not before exceeding 500,000 installs.
According to the research firm, Color Message appears to be connecting to Russian servers. The app accesses the user's contact list and “exfiltrates it over the network” while automatically subscribing to unwanted paid services.
Color Message hides its app icon
One of the reasons Joker malware is difficult to detect is that it “generates a very discreet footprint.” Meanwhile, the infected Color Message app makes it harder for users to spot it, as it's capable of hiding its own app icon once installed.
Fortunately, this malicious app is no longer available for download from the Google Play Store. However, it may still be lurking on thousands of phones, Galaxy or no, that had the app installed before the Joker malware got discovered, especially since it can keep its icon hidden.
The Joker malware was also found by Quick Heal Security Labs in eight Android apps last summer, and over the last two years, the same malware got distributed through hundreds of other apps.
Color Message was seemingly designed to support as many devices as possible, so it's compatible with Android 6.0 and up.
Thankfully, there are dozens of reputable antivirus apps available for download through the Samsung Galaxy Store or the Play Store, which can keep your personal information safe. Leave a comment below if you already use one or have a favorite security solution.
Join SamMobile’s Telegram group and subscribe to our YouTube channel to get instant news updates and in-depth reviews of Samsung devices. You can also subscribe to get updates from us on Google News and follow us on Twitter.
